I recently had a challenge with a customer that had on-premises Skype for Business (SfB) and were looking to migrate to SfB Online. They did not want to federate the two infrastructures, but instead wanted to undertake a re-pointing of users at a given point in time by modifying the DNS records. When they introduced AAD Connect the default synchronisation included the SfB attributes, which is standard behaviour when AAD Connect detects that the schema extensions for SfB are present in on-premises AD. The presence of SfB-related user attribute values in the synchronisation flow caused SfB Online to detect all existing SfB on-premises users as hybrid. It meant my customer could not assign SfB Online access to synchronised users, which would have been a problem for testing the cut-over. The workaround for this was to modify the AAD Connect synchronisation rules to set the SfB attribute values to null. The steps implemented to achieve this are shown below.

1. Stop the AAD Connect sync scheduler.

From an elevated Powershell prompt run the following command

Set-ADSyncScheduler -SyncCycleEnabled $false

2. Open the Synchronisation Rules Editor and create an editable copy of the ‘In from AD – User Lync’ inbound synchronisation rule.

3. Set the new rule to have a higher precedence (lower numeric value) than the original rule.

4. Leave the scoping filter as is, i.e. no change.

5. Leave the join rules as is, i.e. no change.

6. Edit the transformation for each of the shown values. Change the flow type to Expression and the source to Authoritative Null.

7. Save the rule.

8. Start the AAD Connect Sync scheduler and run a full (initial) synchronisation by running the following Powershell commands: